package cn.acmenms.filter;

import cn.acmenms.controller.UserController;
import cn.acmenms.utils.CollectionTools;
import cn.acmenms.utils.StringTools;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import javax.servlet.*;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import java.io.IOException;
import java.util.Arrays;
import java.util.List;

/**
 * @ClassName: CorsFilter
 * @Description: 解决前后端分离架构中的跨域问题
 * @author: 神奇的鸭鸭
 * @Date: 2017/12/28 14:05
 */
public class CorsFilter implements Filter {

    private static final Logger log = LoggerFactory.getLogger(UserController.class);

    private String allowOrigin; // 允许访问的客户端域名
    private String allowMethods; // 允许访问的方法名
    private String allowCredentials; // 是否允许请求带有验证信息
    private String allowHeaders; // 允许服务端访问的客户端请求头
    private String exposeHeaders; // 允许客户端访问的服务端响应头

    public void init(FilterConfig filterConfig) throws ServletException {
        allowOrigin = filterConfig.getInitParameter("allowOrigin");
        allowMethods = filterConfig.getInitParameter("allowMethods");
        allowCredentials = filterConfig.getInitParameter("allowCredentials");
        allowHeaders = filterConfig.getInitParameter("allowHeaders");
        exposeHeaders = filterConfig.getInitParameter("exposeHeaders");
    }

    /**
     * 通过CORS技术实现AJAX跨域访问,只要将CORS响应头写入response对象中即可
     *
     * @param req req
     * @param resp resp
     * @param filterChain filterChain
     * @throws IOException exception
     * @throws ServletException exception
     */
    public void doFilter(ServletRequest req, ServletResponse resp, FilterChain filterChain) throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) req;
        HttpServletResponse response = (HttpServletResponse) resp;
        String currentOrigin = request.getHeader("Origin");
        log.debug("currentOrigin : " + currentOrigin);
        if (StringTools.isNotEmpty(allowOrigin)) {
            List<String> allowOriginList = Arrays.asList(allowOrigin.split(","));
            log.debug("allowOriginList : " + allowOrigin);
            if (CollectionTools.isNotEmpty(allowOriginList)) {
                if (allowOriginList.contains(currentOrigin)) {
                    response.setHeader("Access-Control-Allow-Origin", currentOrigin);
                }
            }
        }
        if (StringTools.isNotEmpty(allowMethods)) {
            response.setHeader("Access-Control-Allow-Methods", allowMethods);
        }
        if (StringTools.isNotEmpty(allowCredentials)) {
            response.setHeader("Access-Control-Allow-Credentials",
                    allowCredentials);
        }
        if (StringTools.isNotEmpty(allowHeaders)) {
            response.setHeader("Access-Control-Allow-Headers", allowHeaders);
        }
        if (StringTools.isNotEmpty(exposeHeaders)) {
            response.setHeader("Access-Control-Expose-Headers", exposeHeaders);
        }
        filterChain.doFilter(request, response);
    }

    public void destroy() {

    }
}